Problem with multihomed pc and vpn - local network access

Posted on 2011-05-05
Last Modified: 2012-05-11
I work for a law firm and we are starting to routinely set up shop in hotels for trials. What I thought I could do was create a mini LAN in the hotel conference room consisting of a switch with several laptops, a server, and a local network printer connected and use the laptop's dual network cards to connect to the Internet and the local network at the same time.

I have the local mini LAN configured with 10.10.10.x,, no gateway addressing which the server acts as DHCP for this range. I plug the wire into the switch giving the laptop's NIC a 10.10.10.x address. Then I use the laptops wireless NIC to get on the hotels Internet connection.

All works well. I can access both the Internet and print until I connect to VPN. Once connected, we use Cisco's web based AnyConnect, the VPN gets 192.168.200.x,, addressing but I am unable to connect to my 10.10.10.x LAN at all. I can even ping the printer. I am assume that traffic is trying to go through my VPN and finds a dead end. VPN works great. I can access my corp LAN fine, ping servers, etc...

Surely I'm just missing some sort of routing here. Is there anything I can do?

Question by:gwbmcse
    LVL 9

    Accepted Solution

    It sounds like the VPN client software is configured to send ALL data through the VPN tunnel. You maybe need to disable that feature.

    Author Comment

    That just may be the case. I looked at the vpn config on the ASA and I do have it to tunnel all networks. Seems as if I need to exclude the 10.10.10.x range but I will need someone more Cisco fluent do do that. Thanks
    LVL 20

    Assisted Solution

    by:Svet Paperov
    No, you don’t need to exclude 10.10.10.x range

    The settings you need to look for are split-tunnelling and split-dns. They need to be enabled on Cisco ASA.

    You can find the appropriate configuration through ASDM but in CLI it will be something like:

    access-list LOCAL_splitTunnelACL standard permit 
    group-policy SSL_VPN_Policy attributes
       split-tunnel-policy tunnelspecified
       split-tunnel-network-list value LOCAL_splitTunnelACL
       split-dns value your.local.domain

    Open in new window

    I hope this helps

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    How your wiki can always stay up-to-date

    Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
    - Increase transparency
    - Onboard new hires faster
    - Access from mobile/offline

    Preface Having the need * to contact many different companies with different infrastructures * do remote maintenance in their network required us to implement a more flexible routing solution. As RAS, PPTP, L2TP and VPN Client connections are no…
    If you use NetMotion Mobility on your PC and plan to upgrade to Windows 10, it may not work unless you take these steps.
    After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
    After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

    758 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    14 Experts available now in Live!

    Get 1:1 Help Now